package com.xqboss.framework.security.context;

import cn.hutool.core.util.StrUtil;
import com.xqboss.common.constant.Constants;
import com.xqboss.common.exception.user.UserOrPasswordErrorException;
import com.xqboss.common.exception.user.UserPasswordNotMatchException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * @author Administrator
 */
public class CustomLoginAuthenticationProvider extends DaoAuthenticationProvider {

    public CustomLoginAuthenticationProvider(UserDetailsService userDetailsService) {
        super();
        setUserDetailsService(userDetailsService);
    }

    @Override
    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {

//        if (authentication.getCredentials() == null) {
//            this.logger.debug("Authentication failed: no credentials provided");
//            throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
//        } else {
//            String presentedPassword = authentication.getCredentials().toString();
//            if (!StrUtil.equals(Constants.VERIFY_CODE_LOGIN, presentedPassword)) {
//                //短信登录，不验证密码
//                BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
//                if (!passwordEncoder.matches(presentedPassword, userDetails.getPassword())) {
//                    this.logger.debug("Authentication failed: password does not match stored value");
////                    throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
//                    throw new UserOrPasswordErrorException();
//                }
//            }
//        }
    }
}
